caution, virus, dale somehow involved

hold on, I know dale is not sending any viruses, but check this out, I got an email from:
dwisely@hiwaay.net

this was the content:
You may unsubscribe by sending blank email to
chiffandfipple-unsubscribe@yahoogroups.com

Thanks.

Chiff & Fipple is a 3Fish Production.

Lord,
help us see how near
is your Kingdom.

copyright 2002 by 3Fish Productions and Dale Wisely

ADVERTISEMENT

My Groups | chiffandfipple Main Page



Dear user of Yahoogroups.com,

Your e-mail account will be disabled because of improper using in next
three days, if you are still wishing to use it, please, resign your
account information.

Please, read the attach for further details.

Have a good day,
The Yahoogroups.com team http://www.yahoogroups.com




Yahoo! Groups Links

To visit your group on the web, go to:

To unsubscribe from this group, send an email to:
chiffandfipple-unsubscribe@yahoogroups.com

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.



there was an attachment, it was a .pif-file. I tried to open it, but my virus scanner told me this:
Scan result: Virus “W32.Beagle.J@mm” found.
You can not download this attachment. You have two options:

  1. Sign up for Yahoo! Mail Plus to get automatic cleaning of infected attachments. Learn more.
    (Note: Not all viruses can be cleaned.)
  2. Contact the message sender and request that they resend the attachment to you after cleaning it with anti-virus software.



quite weird, ehh?
best, amar.

I received the same thing.

some asshole is trying to have some fun with us. hope dale or rich gets wind of it soon enough.

I’m with you there.

I got it too. Beagle is a new apparently very destructive worm. Our IS/IT dept sent out a warning about it this morning. The headings can appear much more legitimate than most other worms from what I’ve heard.

Mark V.

just wrote dale a pm he had better check out this thread.
Amar.

I got one too. It wasn’t from Dale though. Mine was from: management@yahoo.com the subject was: E-mail account security warning. It said that after I open the attachment, I was to use this special “code number” for something. I just dumped it in the trash. Stupid idiots, I would like to give them a secret code! :stuck_out_tongue:

Thanks for the warnings! Got one here from Dale too and deleted it immediately!
Ailin

Never open attachments. Even friends just don’t send them anymore, at least they shouldn’t. There’s so many other ways.

I got an email identifying itself as my ISP. It said my email account had been temporarily suspended due to unauthorized access. It had an attachment that was encrypted, yet gave the numerical code to open it (dummies!). The attachment file was named “damlendilio” -what a giveaway! I deleted the whole thing. Gotta be another church related covert operation! :smiley:

Has to be a C&F targeted thing, and by looking at the dwindling number of posts, I wonder if it’s working…has everyone’s computers shut down?

I didn’t get one from Dale. But I have received a few from other people.

It’s always interesting to find out which one of your friends is gullible enough to open attachments. :wink:

Yep. I got the Beagle. I’m on it.

Goes to show you that running updated Norton AND McAfee isn’t always enough.

Sorry. More to follow via (noninfected) email.

Dale

I got one from Dale, Yahoo!, and our IT staff at work (hehe), so it’s out and about…seems to be a bit smarter than your average virus. It encrypts itself and then includes the key you need to decrypt it and open it. Since it arrives in encrypted form, the anti-virus software doesn’t catch it until you’ve decrypted it, which might be too late.

-brett

Posted on Wed, Mar. 03, 2004
Spitting match among virus creators making everyone wet

BY ERIKA D. SMITH

Knight Ridder Newspapers
(KRT) - World domination begins at home.

Maybe even at your home if you’re one of the millions of computer users surfing the Web without protection. The virus writers know you’re out there - and they’re fighting for you.

For weeks, three groups of malcontents have been waging a cyberwar with different versions of the MyDoom, Bagle and Netsky e-mail viruses.

It started out as friendly - if annoying - competition, with one virus writer trying to outdo his rivals by releasing a more powerful computer bug onto the Web. But now it’s personal.

Insults have been exchanged. Dares have been made. Attacks have been launched. And the stakes, well, they’re higher than ever.

The goal, some say, is global control of an army of infected computers. Those Internet-connected minions could then be told to send out more tainted e-mail or spam - and where there’s spam, there’s money.

more- http://www.miami.com/mld/miamiherald/business/national/8098475.htm

What exactly does this particular worm do?

Lorenzo,
What are some of those other ways?
Mike

The best way to keep on top of current virus / worm activity is probably to check out www.symantec.com and click the “Security Response” link.

Also, just because you receive an infected email with a familiar name in the “from” field doesn’t mean that that person’s machine is infected and is therefore sending you worm-ridden email. The “from” field in such emails is often “spoofed”, which means that the email address in the from field was lifted from the address book or email records on an infected computer.

For example, if Mr X and Dale had once exchanged emails, Dale’s email address would be on Mr X’s machine. If Mr X then carelessly opens an attachment from an infected email and infects his machine, the worm program will send loads of virus-bearing emails to all email addresses in his Outlook (or equivalent) address book. These emails will often have other addresses found on Mr X’s machine inserted into the “from” field to conceal the truth.

This is the reason some of you may have received notification of delivery failures of emails you never sent. If this happens it does NOT necessarily mean your computer has a virus or worm infection. The failure notice just gets sent to whatever address has been put in the from/reply to fields, whether or not the original mail actually came from there…

Clear?

Er… probably not.

This link tells all about the Beagle (or Bagle) virus…
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.k@mm.html
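The point about spoofed "from" fields above can be checked on a received message. This is an added example, not part of the original thread: it compares the visible From domain with the envelope sender and with the SPF/DKIM verdicts in the receiving server's Authentication-Results header. The sample message, its addresses and the function names are constructed, and it assumes the receiving server records those two headers.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample: the visible From names a known contact, but the envelope
# sender and the receiving server's SPF/DKIM verdicts do not back it up.
SAMPLE = """\
Return-Path: <bounce@infected-host.example>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=infected-host.example; dkim=none
From: Dale <dale@forum.example>
To: reader@example.org
Subject: E-mail account security warning

Please, read the attach for further details.
"""

def domain(addr: str) -> str:
    """Lower-cased domain part of an address header value."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def from_header_findings(raw: str) -> list:
    """List the reasons the visible From address should not be trusted."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    shown = domain(str(msg.get("From", "")))
    envelope = domain(str(msg.get("Return-Path", "")))
    # Delivery failure notices go to the envelope sender, which a worm forges too.
    if envelope and envelope != shown:
        findings.append(f"envelope sender {envelope} != From {shown}")
    results = str(msg.get("Authentication-Results", ""))
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results))
    for method in ("spf", "dkim"):
        if verdicts.get(method) != "pass":
            findings.append(f"{method} not passed ({verdicts.get(method, 'absent')})")
    return findings

if __name__ == "__main__":
    for finding in from_header_findings(SAMPLE):
        print(finding)
```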

“What are some of those other ways?” Mike, here’s some of the obvious:

For documents, you can send the substance (but not the format) on the main email page. And, there’s a way to place both substance and format on the main page–I get this from our state’s Association of Cities and Counties on a regular basis–so that one doesn’t have to open the attachment to read the contents. I receive an attachment once a week from a fellow band member, who also writes software for a private corporation (I trust him). He sends a schedule of current engagements and possible future gigs for us to confirm dates. For a couple years, he sent them as attachments (because it was easier for him), but changed the format so that it looks okay on the regular opening page.

I have a friend who writes books, who used to send the chapters to me by attachment, for preview, but no longer does that. He copies and pastes them on regular email, or in several emails, or on CD and sends them by snail mail.

…and not so obvious:

For photos, there are a number of free hosting sites on the internet to store your photos. Nowadays, I just send the URL link instead of the attachment, but there are ways of placing the photo directly on the email page w/o an attachment too, or both, so the attachment doesn’t have to be opened.

With music and videos, there are also sites on the internet that host these…some are free (with limited space) others cheap enough. And of course there’s snail mail for music and DVD videos, which I use, because of the better quality involved, and it doesn’t tie up my friend’s computer for long periods of time while downloading.

And there’s the possibility of creating your own web site for friends to link to. These are just a few practical alternative “other ways.”

A Firewall is very important, even if you are on a dial-up. An antivirus on your computer just isn’t enough now. Hackers can still get in to your computer and put a virus on it if you don’t have a firewall.

I have Norton Firewall on my computer to stop these kind of attacks. Norton firewall has a little tracker thing that pops out to alert me when someone is scanning my ISP for vulnerable computers. The firewall hides my ports from these hackers. I can tell you that in any given day that little tracker thing will pop out hundreds and hundreds of times. It has told me a lot of times that Norton Firewall has blocked a Trojan Horse from being put on my computer. Other times it tells me that it has blocked someone scanning my computer for 30 minutes. It tells me the ISP that has been scanning my computer. I found a webpage http://www.checkdomain.com that you can type in the ISP number, and you can see where it is coming from. Usually I am led to an ISP provider. Like Sprint and one time I was even led to my own ISP. If I understand right, it is coming from a computer or multiple computers that a hacker has broken into to go surfing for other computers to break in to.

This is the last number that my firewall said was scanning my ports: 62.108.19.86. If you take this number and put it in the space provided on the checkdomain website, it will bring up the ISP of where it is coming from, in this case it is Amsterdam.

Think Firewall!

Cheers,
Kathy :slight_smile:

Just got this warning from our IT people:


"A number of emails are currently circulating within the Commission which have as title “Email account utilization warning” or similar. These contain a .zip file as attachment - protected by a password which is provided in the body of the message - and which you are invited to open and “execute”.

Please do not do so. The .zip file contains a genuine, unfiltered virus. The best thing to do is simply to delete the message."

As usual, C&F is several hours ahead of the posse.
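Two posts in this thread describe the same trick: the worm arrives in an encrypted or password-protected .zip with the key in the message body, so a content scanner cannot see inside. The sketch below is an added example, not part of the original thread or any vendor's code. It shows that a mail gateway can still flag such mail, because a zip's entry names and its "encrypted" flag are readable without the password. The extension list, the message and the harmless zip are constructed.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = (".pif", ".scr", ".exe", ".com", ".bat")  # assumed blocklist

def triage_attachments(raw: bytes) -> list:
    """Return (attachment, reason) pairs a mail gateway should quarantine."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_content()
        if name.endswith(RISKY_EXT):
            findings.append((name, "executable extension"))
        elif isinstance(data, bytes) and zipfile.is_zipfile(io.BytesIO(data)):
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    # Bit 0 of the general-purpose flags marks an encrypted
                    # entry; names stay readable without the password.
                    if info.flag_bits & 0x1:
                        findings.append((name, "encrypted entry " + info.filename))
                    elif info.filename.lower().endswith(RISKY_EXT):
                        findings.append((name, "executable in zip " + info.filename))
    return findings

def sample_encrypted_zip() -> bytes:
    """Constructed sample: harmless stored zip with the encrypted bit set by hand."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("details.exe", b"placeholder, not a program")
    data = bytearray(buf.getvalue())
    data[6] |= 0x01                             # local header flag word
    data[data.find(b"PK\x01\x02") + 8] |= 0x01  # central directory flag word
    return bytes(data)

def sample_message() -> bytes:
    """Constructed message shaped like the ones described in the thread."""
    msg = EmailMessage()
    msg["From"] = "management@example.com"
    msg["To"] = "reader@example.org"
    msg["Subject"] = "E-mail account security warning"
    msg.set_content("Use code 12345 to open the attachment.")
    msg.add_attachment(sample_encrypted_zip(), maintype="application",
                       subtype="zip", filename="notice.zip")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="octet-stream", filename="readme.pif")
    return msg.as_bytes()
```

Calling `triage_attachments(sample_message())` reports both the encrypted zip entry and the .pif attachment without ever needing the password.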

Another thing to be aware of is the number of FAKE virus alerts and hoaxes that occur. I work in internet marketing and IT, and almost every day I have to ask colleagues not to circulate or forward warnings they may have received from well-meaning friends as these often turn out to be hoaxes. Several of these prompt you to search your hard drive for a certain file (which the hoax warning claims is a virus file) and to delete it if you find it. The file they ask you to delete is, in fact, actually a part of your Windows operating system, so be careful.

I’d recommend checking with your IT dept before acting on any virus warning unless that warning comes from your anti-virus software. Oh, and consider using Mac or preferably Linux instead of Windows. Windows is the most widely and successfully attacked system there is.

I agree with Kathy that a firewall is a very important precaution, however it is most important for those using an always-on broadband connection. A firewall won’t stop you getting virus/worm infections from email, but it is an obstacle to hackers who might otherwise gain access to info like credit card details etc stored on your machine.

Contrary to popular belief, learning the IP address from which an attack, scan or other unwelcome approach is made will rarely shed much light on the scallywag responsible. Most people who are up to no good will connect to the Net either via a dial-up ISP connection (which means they will be assigned a “dynamic” IP address from a pool of addresses held by their ISP, and which will change every time they connect) or they will use IP-masking/concealing tools such as proxy servers.

To understand the concept of a proxy server you might like to visit www.megaproxy.com or similar. In this form the proxy server offers a way to surf the web anonymously as anyone trying to see the IP address of their web visitors (i.e. you) will see the proxy IP address instead of yours. A useful aid to privacy, but obviously able to be used by people with mischief in mind.